10 matches found
嘉实资讯 CTS Web transaction system 授权问题漏洞
CTS Web transaction system is a CTS Web transaction system from Cascade Information Technology, Taiwan. An authorization issue vulnerability exists in the CTS Web transaction system, which stems from an incorrect implementation of authentication-related functionality in the transaction system. A...
How Financial Apps Get You to Spend More and Question Less
You should never invest without fully understanding the risks, but tax prep and stock trading services often obfuscate the things you really need to know...
A week in security (September 25 – October 01)
Recently, we talked about the hacking incident at Deloitte, one of the 'big four' global accounting firms. It was reported that client email addresses, usernames, and passwords were exposed. This also brought to light weaknesses in their policies and lack of threat intelligence to recover leaked...
On the macOS Keychain Attack, Signal’s New Contact Service, the Deloitte Hack, and More
Mike Mimoso and Chris Brook recap the news of the week, including the macOS Keychain attack, Signal’s new private contact discovery service, the Deloitte hack, and a handful of mobile stock trading app vulnerabilities. Download: ThreatpostNewsWrapSeptember292017.mp3 Music by Chris Gonsalves Show...
Online Stock Trading - External URLs, Suspicious files, Unsafe deleting vulnerabilities
HackApp vulnerability scanner discovered that application Online Stock Trading published at the 'play' market has multiple vulnerabilities...
BUX - Casual Stock Trading - Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application BUX - Casual Stock Trading published at the 'play' market has multiple vulnerabilities...
Researchers detected the Malware that targets the Russian stock-trading platform QUIK
Security Researcher from Group-IB Group-IB is one of the leading companies in global cybercrime prevention and hi-tech crime investigations has found a new kind of malware that targets the Russian stock-trading platform QUIK. It was detected during several targeted attacks starting in November 20...
Researchers detected the Malware that targets the Russian stock-trading platform QUIK
Security Researcher from Group-IB Group-IB is one of the leading companies in global cybercrime prevention and hi-tech crime investigations has found a new kind of malware that targets the Russian stock-trading platform QUIK. It was detected during several targeted attacks starting in November 20...
ChartDirector 5.0.1 - cacheId Arbitrary File Disclosure
ChartDirector 5.0.1 - cacheId Arbitrary File Disclosure ==================================================== Advisory No.: ISNSC-0910 ============= ChartDirector Critical File Access Information ====== Author: DokFLeed Program Affected: http://www.chartdir.com for .NET Version: 5.0.1 Severity:...
ChartDirector 5.0.1 (cacheId) Arbitrary File Disclosure Vulnerability
Exploit for unknown platform in category web applications ===================================================================== ChartDirector 5.0.1 cacheId Arbitrary File Disclosure Vulnerability =====================================================================...